Nintendo alerted all Nintendo Switch holders to secure their accounts. This came after the recent reports about multiple unauthorized account access.
Complains from various social media platforms flooded the internet over the weekend. Nintendo Switch users expressed their surprise and disappointments after receiving alerts that their accounts were accessed from different locations.
Some of the login notifications came from browsers that they did not even install. One reported case claimed that the user received a Nintendo account login alert via a text message.
The SMS alerted him that his account logged in from the United States through a Mozilla Firefox browser. The account holder confirmed that he does not have a Firefox Browser installed on any of his devices.
Nintendo’s response
Nintendo on Tuesday released a statement that the multiple hacking incidents came to their attention. However, the company did not give further explanations on how all these account intrusions happened.
Instead, Nintendo advised all Switch account holders to be vigilant and secure their login details. The statement specifically instructed the users to resort to the two-factor authentication (2FA) login process.
Nintendo also suggested for all Switch account holders to login to their Nintendo accounts portal to immediately change their password.
The report also strongly recommended that all users should unlink their payment credentials from their Nintendo accounts.
The company reminded them that the recommendation goes out to all account holders, whether hacked or not.
How far can the Nintendo hackers go?
Nintendo account holders are at high risk of unauthorized online purchases if they linked their accounts to a valid credit card. This is because of the eshop, that allows a user to make online purchases for his own Nintendo Switch account.
However, the risks vary depending on the location. Some regions like Brazil allows eshop users to purchase online game codes. The codes are shareable through email, which the purchaser can claim even using a different Nintendo Switch account.
How it all started
Users are now looking at the possibility that the intrusion came from the Nintendo Network ID (NNID) service.
The company used the service for earlier platforms such as Wii U and 3DS. Users had to sign up their NNIDs using the resistive-screen keyboards that made it hard for them to create a stronger password.
When Nintendo modified the account set up process, the NNIDs remained in existence and were linked to the users’ new accounts. This means that if hackers can access the NNID, they could access the Switch users’ accounts as well.
Image courtesy of joatseu/Pixabay